Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/c219QE8Kcog9UvMKST6A1X7Uzw4.roa
File: c219QE8Kcog9UvMKST6A1X7Uzw4.roa (raw, json)
Hash identifier: a1rqIUue8AkZGET3xy9zr5OLEkOjTEfxL6rRJ8ZMXeY=
Subject key identifier: 73:6D:7D:40:4F:0A:72:88:3D:52:F3:0A:49:3E:80:D5:7E:D4:CF:0E
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 019C629403D21D7D8BEA3ACB7B9170957E66
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/c219QE8Kcog9UvMKST6A1X7Uzw4.roa
Signing time: Sun 15 Feb 2026 18:33:13 +0000
ROA not before: Sun 15 Feb 2026 18:33:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9009
IP address blocks: 31.40.192.0/24 maxlen: 24
45.154.120.0/22 maxlen: 24
77.83.48.0/23 maxlen: 24
77.83.48.0/24 maxlen: 24
77.83.49.0/24 maxlen: 24
80.243.230.0/23 maxlen: 24
85.31.52.0/24 maxlen: 24
86.62.53.0/24 maxlen: 24
86.62.54.0/24 maxlen: 24
86.62.55.0/24 maxlen: 24
88.218.81.0/24 maxlen: 24
88.218.82.0/23 maxlen: 24
91.245.238.0/24 maxlen: 24
95.214.244.0/22 maxlen: 24
176.113.40.0/23 maxlen: 24
193.9.56.0/24 maxlen: 24
193.9.57.0/24 maxlen: 24
193.9.58.0/24 maxlen: 24
193.9.59.0/24 maxlen: 24
193.31.124.0/23 maxlen: 24
193.47.36.0/22 maxlen: 24
193.56.22.0/24 maxlen: 24
193.160.74.0/24 maxlen: 24
193.160.75.0/24 maxlen: 24
194.104.7.0/24 maxlen: 24
194.124.41.0/24 maxlen: 24
213.109.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:62:94:03:d2:1d:7d:8b:ea:3a:cb:7b:91:70:95:7e:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Feb 15 18:33:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=736d7d404f0a72883d52f30a493e80d57ed4cf0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:2b:dd:c5:64:23:e3:d7:05:96:5e:66:1c:61:
d8:7a:0c:9a:48:78:d1:34:20:c4:7d:79:d3:b5:c3:
38:9f:70:5f:cb:48:78:71:fc:6d:b6:d8:f3:89:f0:
f6:1b:fa:39:1d:be:09:5c:64:86:8e:0c:0a:b7:ec:
e1:32:99:67:67:2e:81:a5:3d:c2:e8:d4:05:62:1c:
e7:09:16:43:19:59:21:e7:c4:98:c5:cf:b8:ea:b9:
11:1e:3d:0b:f9:96:dc:b5:2b:88:ff:88:7b:2f:5b:
d2:7f:5e:e0:48:58:00:4b:76:a1:e2:e0:63:0a:83:
44:85:fd:9c:9c:96:2f:76:c3:9c:27:64:a9:79:c2:
51:89:2e:cd:67:40:bb:00:99:37:6e:08:34:e1:5d:
66:7d:85:36:74:22:b0:bf:0c:07:b7:24:8a:c0:e2:
c3:36:61:1d:8d:53:7c:df:07:ab:16:31:1f:53:2a:
00:27:9a:09:63:61:9e:a3:ae:87:48:b3:20:39:99:
b4:e4:de:71:54:5d:d7:aa:58:6b:5c:32:ce:4f:8e:
af:45:8e:d4:b1:68:13:c6:ca:b6:4a:09:4f:b7:9b:
17:29:64:4c:4a:41:56:1a:f9:a1:c2:36:71:36:2f:
2c:b7:c5:72:43:a5:73:50:bc:7a:31:e2:4d:21:3b:
87:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:6D:7D:40:4F:0A:72:88:3D:52:F3:0A:49:3E:80:D5:7E:D4:CF:0E
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/c219QE8Kcog9UvMKST6A1X7Uzw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.192.0/24
45.154.120.0/22
77.83.48.0/23
80.243.230.0/23
85.31.52.0/24
86.62.53.0-86.62.55.255
88.218.81.0-88.218.83.255
91.245.238.0/24
95.214.244.0/22
176.113.40.0/23
193.9.56.0/22
193.31.124.0/23
193.47.36.0/22
193.56.22.0/24
193.160.74.0/23
194.104.7.0/24
194.124.41.0/24
213.109.188.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:27:5c:26:d8:88:9d:fa:83:e1:58:24:a1:74:ff:c1:bf:6a:
db:57:75:a2:5d:36:8a:c9:19:25:f3:2d:65:ae:53:be:11:65:
27:0a:cc:8b:f1:bf:66:cd:b1:a7:d1:03:23:6d:ad:36:68:3b:
b8:5b:1b:16:32:c1:a0:e5:75:94:9e:eb:ae:a7:6f:b3:4e:f2:
60:f7:78:42:e2:52:23:3b:ac:ae:e9:2b:53:34:32:b9:86:d2:
08:5b:d1:e7:40:e8:bb:5f:15:de:f0:b8:b8:44:f1:fe:8d:c3:
76:2c:10:8e:5c:08:80:6b:c7:52:5f:ae:e4:7f:2e:88:39:3a:
d6:7c:4a:ea:02:2f:b5:b3:8d:f6:11:cf:e1:e4:17:10:76:f2:
be:14:28:39:f8:11:05:94:11:98:f6:e6:ec:49:d9:fa:21:ef:
eb:94:35:3c:08:f7:84:a6:17:03:ed:be:6c:d2:1a:f7:62:c9:
a2:e1:c6:33:f9:01:c4:ed:f5:7d:06:d5:ed:eb:fb:00:3b:77:
25:a5:f4:0d:76:10:0a:40:60:c9:c9:08:cf:54:b8:c1:3d:5b:
65:eb:1c:32:79:88:b4:6e:9b:1a:e2:78:c1:f5:ac:a6:8f:de:
45:28:7a:6d:ec:b4:54:19:db:17:40:f1:8f:5d:6f:78:58:73:
9d:8b:00:38
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZxilAPSHX2L6jrLe5FwlX5mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjYwMjE1MTgzMzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzZkN2Q0MDRmMGE3Mjg4M2Q1MmYzMGE0OTNlODBkNTdlZDRjZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yvdxWQj49cFll5mHGHYegyaSHjR
NCDEfXnTtcM4n3Bfy0h4cfxtttjzifD2G/o5Hb4JXGSGjgwKt+zhMplnZy6BpT3C
6NQFYhznCRZDGVkh58SYxc+46rkRHj0L+ZbctSuI/4h7L1vSf17gSFgAS3ah4uBj
CoNEhf2cnJYvdsOcJ2SpecJRiS7NZ0C7AJk3bgg04V1mfYU2dCKwvwwHtySKwOLD
NmEdjVN83werFjEfUyoAJ5oJY2Geo66HSLMgOZm05N5xVF3XqlhrXDLOT46vRY7U
sWgTxsq2SglPt5sXKWRMSkFWGvmhwjZxNi8st8VyQ6VzULx6MeJNITuHuQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFHNtfUBPCnKIPVLzCkk+gNV+1M8OMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvYzIxOVFFOEtjb2c5VXZNS1NUNkExWDdVenc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAB8o
wAMEAi2aeAMEAU1TMAMEAVDz5gMEAFUfNDAMAwQAVj41AwQDVj4wMAwDBABY2lED
BAJY2lADBABb9e4DBAJf1vQDBAGwcSgDBALBCTgDBAHBH3wDBALBLyQDBADBOBYD
BAHBoEoDBADCaAcDBADCfCkDBALVbbwwDQYJKoZIhvcNAQELBQADggEBAE8nXCbY
iJ36g+FYJKF0/8G/attXdaJdNorJGSXzLWWuU74RZScKzIvxv2bNsafRAyNtrTZo
O7hbGxYywaDldZSe666nb7NO8mD3eELiUiM7rK7pK1M0MrmG0ghb0edA6LtfFd7w
uLhE8f6Nw3YsEI5cCIBrx1JfruR/Log5OtZ8SuoCL7WzjfYRz+HkFxB28r4UKDn4
EQWUEZj25uxJ2foh7+uUNTwI94SmFwPtvmzSGvdiyaLhxjP5AcTt9X0G1e3r+wA7
dyWl9A12EApAYMnJCM9UuME9W2XrHDJ5iLRumxrieMH1rKaP3kUoem3stFQZ2xdA
8Y9db3hYc52LADg=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:20:12 2026 by rpki-client